[tor-dev] Tor on TV (hemm, on WDTV!)

Hi all, i got a WDTV Live (http://support.wdc.com/product/install.asp?groupid=1003&lang=en) that's part of bigger family of consumer mediaplayer from Western Digital (http://support.wdc.com/product/install.asp?level1=10&lang=en). It seems it can run Tor without any major issue. There is a very ni

Re: [tor-dev] Tor on TV (hemm, on WDTV!)

On 11/28/11 6:23 AM, Nathan Freitas wrote: > I have been looking at getting Orbot (Tor on Android) running on Google > TV flavor of Android, and it seems pretty straightforward. I will > probably wait until the next gen of these come out, as right now, I know > no one who actually owns one of these

[tor-dev] Periodic alert to outdated Tor operators?

Hi all, should we send a periodic email reminder to all operators running outdated Tor routers? >From a brief look at cached-descriptors: grep 'Tor 0\.2\.0' /var/lib/tor/cached-descriptors | wc -l 111 grep 'Tor 0\.2\.1' /var/lib/tor/cached-descriptors | wc -l 5631 grep 'Tor 0\.2\.2' /var/lib/t

[tor-dev] Reduce TBB/OSX from 32MB to 23MB

Hi all, made the following tricks that you can find attached to reduce the size of TBB/OSX from 32MB to 23MB . With this tricks it's possible to send TBB/OSX via Gmail using Gettor. It goes from: 32M/tmp/TorBrowser-2.2.34-3-dev-osx-x86_64-en-US.zip to 23M/tmp/TorBrowser-7z-wrap2.2.34-3

Re: [tor-dev] Tor on TV (hemm, on WDTV!) - TorTV

Hi all, TorTV Project has been implemented by Jaromil: TorTV : http://dyne.org/software/tortv/ Jaromil : http://rastasoft.org - @jaromil Cool, testing have to be done! -naif On 11/23/11 8:57 AM, Fabio Pietrosanti (naif) wrote: > Hi all, > > i got a WDTV Live > (http://sup

Re: [tor-dev] [tor-announce] Tor 0.2.2.35 is released (security patches)

Should we think to have all tor-users that run a version minor than X, go automatically off-the-network? I mean, if we have let's say 10% of outdated users, it means that 10% of the network can be compromised with a single remote exploit. I mean, running a Tor node today it's a responsibility. I

[tor-dev] Python SSL/TLS Security enhancement

Hi all, following the new Tor2web development based on Python by hellais (ongoing http://github.com/hellais/tor2web) we realized that the Python SSL binding are quite crap. We opened a set of Tickets on Python Issue tracker where i think that the Tor Project Community (that use a lot Python) coul

[tor-dev] A way to block chinese active probe

Hi all, here's a second chinese-probe discrimination behavior that should allow to detect them, and block it. http://pastebin.com/RNcNDYcw Like the TCP SYN one, this blocking tricks is based on the fact that the OS & software they run on their server pool to make active-tor-probing have to be hi

[tor-dev] Fwd: Re: [tor-talk] Bridge: Why not just stateless TCP socket proxy / forwarders?

From: Fabio Pietrosanti (naif) To: tor-t...@lists.torproject.org On 1/15/12 11:54 PM, and...@torproject.org wrote: > On Sun, Jan 15, 2012 at 04:58:56PM +0100, li...@infosecurity.ch wrote 0.3K > bytes in 11 lines about: > : does Bridge really need to be Tor Servers? > : Why they can&

[tor-dev] Filtering of DA and bootstrap

Hi all, in a network where the Directory Authority hard-coded in Tor code are filtered a Tor client cannot bootstrap. But as far as i understood there are (hundreds?) of Tor DA Mirror. If so, packaging the Tor clients periodically, bundling the latest consensus with the software, would provide h

Re: [tor-dev] Proposal 186: Multiple addresses for one OR or bridge

On 1/17/12 5:41 PM, Nick Mathewson wrote: >>> >>> ORPort 1337 no-advertise alladdrs >>> ORPort tornode.example.com:443 no-bind alladdrs >> >> This drives home the issue with alladdrs: what would we do if that flag >> isn't listed here? This feature would allow a single node, for example,

[tor-dev] Windows Alternative of torsocks/tsocks ?

Hi all, does anyone know if there is a windows alternative to torsocks/tsocks? We sketched down a draft to build up an anonymous web application framework that would allow to build TorHS exposed python webapps on a desktop computer. The draft is available at https://piratenpad.de/p/AnonymousWebA

Re: [tor-dev] Windows Alternative of torsocks/tsocks ?

On 1/22/12 11:28 AM, Roger Dingledine wrote: > On Sun, Jan 22, 2012 at 10:55:50AM +0100, Fabio Pietrosanti (naif) wrote: >> does anyone know if there is a windows alternative to torsocks/tsocks? > [snip] >> But to make this "library preload" under windows we

Re: [tor-dev] Windows Alternative of torsocks/tsocks ?

On 1/22/12 10:11 PM, Catalin Patulea wrote: > [resending after subscribing to list] > > Hi Fabio, > >> On 1/22/12 11:28 AM, Roger Dingledine wrote: >>> See also TorCap2: http://www.virtualventures.ca/~cat/ >>> but I've never succeeded at getting a license statement out of the author. > Roger, I'm

Re: [tor-dev] Deployability of Python software.

On 3/3/12 12:58 AM, Arturo Filastò wrote: > > What do you think? Additionally with the Awaf concept it would be possible to also have Disaster Recovery for server applications, even running on windows PC behind *DSL lines. That's because if you make a copy of the TorHS key, the later one that in

[tor-dev] Tor HS keys password protection against impersonation attacks?

Hi, thinking about Tor Hidden services, they are managed by using Hidden Services client keys. The Tor HS keys are "private keys" that may require to be protected because they represent also the "identity" of the Tor HS and if stolen, it would be possible to carry on impersonation attack on connec

Re: [tor-dev] Tor HS keys password protection against impersonation attacks?

On 3/17/12 11:02 AM, Jeroen Massar wrote: > On 2012-03-17 10:52 , Fabio Pietrosanti (naif) wrote: > [..] >> That way even in case of seizure of the server running the Tor HS >> it would not be possible to who seized the Tor HS Server to do actively >> Impersonation attack

Re: [tor-dev] Tor HS keys password protection against impersonation attacks?

On 3/18/12 3:34 AM, Jacob Appelbaum wrote: >> That way even in case of seizure of the server running the Tor HS >> it would not be possible to who seized the Tor HS Server to do actively >> Impersonation attacks of the Tor HS. > > I think that's a great idea but also a UI nightmare; for servers, I

[tor-dev] TorHS related files re-organization ?

While thinking about TorHS key protection, it would be also nice to think about "re-organizing" the way the TorHS describe store it's data. One of the example issue i see is that currently the hostname of a TorHS is written to a text file. This provide two major drawbacks: - Application integrati

Re: [tor-dev] TorHS related files re-organization ?

On 3/18/12 1:09 PM, Jeroen Massar wrote: > > > On 18 Mar 2012, at 12:46, "Fabio Pietrosanti (naif)" > wrote: > >> - Security issue >> >> Looking at the server seizure threat scenario, who seize the computer >> running TorHS will be able to kn

Re: [tor-dev] Tor for iOS via official channels

On 3/18/12 2:42 PM, Linas Valiukas wrote: > Hello, > > I was thinking about a GSoC 2012 project I could propose, and I came to the > question of why there's no Tor iOS (iPhone / iPad / iPod touch) application > distributed on the official iTunes App Store? > > There's this "test package" of To

Re: [tor-dev] Tor for iOS via official channels

On 3/18/12 3:17 PM, Nathan Freitas wrote: > Afaik, there are no long running background processes available to run a > standalone tor process. Covert Browser works because it is integrated in > one app/process. That's also another nice option, that generally would mean more hacking on Tor to make

Re: [tor-dev] TorHS related files re-organization ?

On 3/18/12 2:40 PM, Jeroen Massar wrote: > On 2012-03-18 13:57 , Fabio Pietrosanti (naif) wrote: >> On 3/18/12 1:09 PM, Jeroen Massar wrote: >>> >>> >>> On 18 Mar 2012, at 12:46, "Fabio Pietrosanti (naif)" >>> wrote: >>> >

Re: [tor-dev] Tor for iOS via official channels

On 3/19/12 1:24 AM, Andrew Lewman wrote: > On Sun, 18 Mar 2012 15:42:33 +0200 > Linas Valiukas wrote: >> I was thinking about a GSoC 2012 project I could propose, and I came >> to the question of why there's no Tor iOS (iPhone / iPad / iPod >> touch) application distributed on the official iTunes

Re: [tor-dev] Proposal: Integration of BridgeFinder and BridgeFinderHelper (on-disk Data protection)

On 3/27/12 12:09 PM, Robert Ransom wrote: > It's not a typo. Those BridgeFinderHelpers MUST NOT be installed > unless the user has explicitly permitted that they be installed. Even > if the user has explicitly permitted that a BridgeFinderHelper be > installed and write data to disk, it SHOULD NO

[tor-dev] ampislay: anonymous connection trough IP spoofing

Vecna [1], today published ampislay [2], an 8 years old project to implement anonymous communication trough IP spoofing. It's a not-so-conventional techniques, that have it's advantage and weakness, but that maybe considered within the Tor community for some particular use-case. It was a gift for

Re: [tor-dev] GSoC Introduction - Pluggable Transports in Python

On 5/22/12 5:34 PM, Brandon Wiley wrote: > *py2exe packaging for obfsproxy* > > The command line tool will be packaged into a standalone executable for > Windows. Would you be interested in leveraging knowledge/code/experience from APAF (Anonymous Python Application Framework): http://www.mail-a

Re: [tor-dev] TorStatus

On 6/4/12 8:04 AM, Karsten Loesing wrote: > TorStatus is, AFAIK, not maintained anymore. But we developed Onionoo > [0] and Atlas [1] as a TorStatus replacement. Onionoo provides Tor > status information in a JSON format and Atlas presents these data in a > nice human-readable format. You could

Re: [tor-dev] txtorcon 0.2

On 6/1/12 8:45 PM, Damian Johnson wrote: >> (If this type of mail isn't appropriate for tor-dev please let me >> know...) > > It's perfectly appropriate - glad to hear about the improvements! > > On a side note, do you think that any txtorcon/stem work would be > appropriate? They're both aiming

Re: [tor-dev] Proposal 188: Bridge Guards and other anti-enumeration defenses

On 6/12/12 12:32 PM, Roger Dingledine wrote: >> Any attacker who can extend circuits through a bridge can enumerate >> the set of guard nodes which it routes its clients' circuits through. >> A malicious middle relay can easily determine the set of entry guards >> used by a hidden service, and over

[tor-dev] STEM: Tor2csv / Tor2xml / Tor2json ?

Hi, i just would like to provide a suggestion for Stem use (maybe already done), now that it has a powerful cached-consensus/descriptors parsers. Would it possible to provide easy to use command line tools to access Tor's data in the following formats: - csv - xml - json So that anyone requirin

Re: [tor-dev] [GSoC] APAF Report

On 6/20/12 5:54 PM, Damian Johnson wrote: > Personally I decided to write my own modules for this functionality > [1] (including some improvements based on psutil [2]) because a C > module dependency didn't feel worth this functionality - especially > since pid lookup is a one-time thing, and doesn

Re: [tor-dev] [GSoC] APAF Report (Android?)

On 6/21/12 7:28 AM, meejah wrote: > meejah writes: > >> That used to be an optional dependency, so I will put that code back >> in (actually, probably just take out the dependency for psutils and >> report PIDs instead). It's really just "nice to have" anyway and >> users who want that could of c

Re: [tor-dev] Tor proposals implemented in Tor 0.2.3.x

On 6/18/12 11:24 PM, Nick Mathewson wrote: > PARTIALLY IMPLEMENTED IN 0.2.3.x > >186 Multiple addresses for one OR or bridge > > We've implemented this to the extent of letting a bridge have a > single IPv6 address. Supporting this for regular relays will > need to wait for 0

Re: [tor-dev] Open Proposals as of June 2012

On 6/19/12 2:30 AM, Jacob Appelbaum wrote: >>146 Add new flag to reflect long-term stability >> >> From time to time we get the idea of having clients ship with a >> reasonably recent consensus (or a list of directory mirrors), >> so instead of bootstrapping from one of the auth

Re: [tor-dev] [GSoC] APAF Report

On 7/8/12 2:19 PM, Michele Orrù wrote: > Sorry for being so late, but as anticipated on the irc channel, I spent > most of the last week as talk manager at Europython. During, the free > time I've had the occasion to meet lots of developers of the tor > community joining the tordev meeting before a

Re: [tor-dev] Onionoo in Python

On 7/10/12 5:36 PM, Norman Danner wrote: > > > On 7/9/12 12:09 PM, Sathyanarayanan Gunasekaran wrote: >>> Is this available yet? >> >> Yep - https://github.com/gsathya/pyonionoo It's pretty hacky(it was >> meant to be a prototype to see if Cyclone was a good idea - and well, >> i like it) and wil

Re: [tor-dev] Onionoo in Python

On 7/10/12 6:18 PM, Damian Johnson wrote: >> On APAF (anonymous python application framework) GSoc project, to build >> cross-platform Windows, OSX, Linux applications including Tor there is >> the use of Twisted+Cyclone. > > I'm still not clear though - what is the advantage of providing > Oniono

Re: [tor-dev] [GSoC] APAF Report

On 7/11/12 8:26 PM, Michele Orrù wrote: > Well, right now the most important graphic elements are system tray > icons, bot for windows and osx. For icons it will be very important also to provide a clear documentation on which format must be used and how to process an existing image to convert tha

Re: [tor-dev] [OONI] Designing the OONI Backend (OONIB). RESTful API vs rsynch

On 7/15/12 3:58 PM, Jacob Appelbaum wrote: >> Are you sure HTTP doesn't support resume? What does wget -c do? >> > > I believe this requires the HTTP: range header and it doesn't provide > the integrity checking that rsync provides. It maybe also an application HTTP parameters that contain the la

Re: [tor-dev] 10 days left for proposals for hard stuff [Re: Reminder: Big/tricky/interesting features for 0.2.4 need proposals by 10 October]

On 10/1/12 6:49 PM, Nick Mathewson wrote: >> Hi, all! >> >> From https://trac.torproject.org/projects/tor/wiki/org/roadmaps/Tor/024 : >> >> "October 10, 2012: Big feature proposal checkpoint. Any large >> complicated feature which requires a design proposal must have its >> first design proposal dr

Re: [tor-dev] Working on GUI

On 11/6/12 10:00 PM, vimalathithan wrote: > > Hi, I am new to this community. > > > > A group consists of 5 members from School of Informatics and > Computing, working with Professor Jean Camp on a research paper. > > Our research is to carry out a case study after making changes in the > UI of T

Re: [tor-dev] Twisted-based Tor client performance measurement tool (using ooni?)

On 1/21/13 9:06 PM, Karsten Loesing wrote: > Hi everyone, > > you probably heard of Torperf [0], the tool that produces our Tor client > performance graphs [1]. Torperf is mostly a bunch of scripts and > lengthy HOWTOs, so setting it up and keeping it happy is not exactly > trivial. I am wonderin

Re: [tor-dev] [tor-talk] Exit Node Scanning Status (using OONI?)

On 1/31/13 10:25 PM, Mike Perry wrote: > > Roger insists it may be wiser to start simple with a fixed test server > that you control and work your way up to something as exhaustive as SoaT > later. If you don't want to be watching huge volumes of result feeds > like a hawk for the rest of your life

Re: [tor-dev] Tor Exit Images

On 3/24/13 9:39 PM, Griffin Boyce wrote: > Hey all, > > After talking to Wendy Seltzer, I decided to bring this up on the > list. I frequently talk to people who would like to run an exit node, > but who aren't as good a sysadmin as they'd like to be. It would be > great if there were server im

Re: [tor-dev] Tor Exit Images

On 3/24/13 11:11 PM, Griffin Boyce wrote: > Fabio Pietrosanti (naif) <mailto:li...@infosecurity.ch>> wrote: > > To fix that need it would be nice to make a sort of "hosting provider" > (using existing tool for customer management, payments, >

Re: [tor-dev] Tor Exit Images -> software to manage tor on unix without unix-skills

On 3/24/13 11:16 PM, Fabio Pietrosanti (naif) wrote: > On 3/24/13 11:11 PM, Griffin Boyce wrote: >> Fabio Pietrosanti (naif) > <mailto:li...@infosecurity.ch>> wrote: >> >> To fix that need it would be nice to make a sort of "hosting >> provid

Re: [tor-dev] Using Tor as a library

On 3/28/13 8:32 AM, wac wrote: > Hi Folks: > > I am looking to use Tor as a library for my program. I managed to build it > from the sources including the required libraries. But now I am looking for > hints on how to replace the SOCKS 4/5 or the transparent proxy with direct > calls from my app

Re: [tor-dev] Using Tor as a library

On 3/28/13 12:10 PM, Christopher Schmidt wrote: > "Fabio Pietrosanti (naif)" > writes: >> That's the future of Tor, to be integrated as a library just like an >> encryption library into application. > No, it's not. Embedding a Tor client in an

Re: [tor-dev] Using Tor as a library

On 3/29/13 4:50 AM, wac wrote: > > I tell you what. I don't have intentions to change Tor. I basically want to > do this for me. But since I notice now it could be useful to the community > and the community could be providing feedback I can make it public under the > same license. So this is wh

Re: [tor-dev] Embedding tor in an application and using tor without opening a port

On 4/1/13 10:17 PM, Navin Francis wrote: > I am making a small application that always uses tor to communicate. I > have embedded tor into the application by compiling and linking the > tor source code along with my own code and calling tor's main() from > within my own main(). To send data, tor ha

Re: [tor-dev] Embedding tor in an application and using tor without opening a port

On 4/2/13 12:09 AM, Nick Mathewson wrote: > > My preferred approach for applications that want to include their own > Tor would be to have a library (perhaps based on Torsocks) that > handles making connections over Tor, plus maybe another library that > would find a running Tor or launch one as ne

Re: [tor-dev] Embedding tor in an application and using tor without opening a port

On 4/13/13 7:42 PM, wac wrote: > Seems you want to put your hands at it so that makes two of us. You don't > need to do what I already did. I am preparing the environment to move towards > team mode. Check the website http://libtor.org. In any case remember all of > this to make it solid is not

Re: [tor-dev] Embedding tor in an application and using tor without opening a port

On 4/13/13 10:05 PM, Nick Mathewson wrote: > > > > On Apr 13, 2013 1:42 PM, "wac" > wrote: > > > > > >> > > > Seems you want to put your hands at it so that makes two of us. > You don't need to do what I already did. I am preparing the > environment to move towards

Re: [tor-dev] SQLSupport

On 5/1/13 1:36 PM, moataz ahmed wrote: > is it possible to insert data about routers,circuits and bwhistory in > database ? > i am using opaddon to measure relays and i can see in torctl folder > that there is a file called sqlsupport.py > he is using sqlalchemy to deal with database > i ran opaddo

Re: [tor-dev] Tor Launcher settings UI feedback request

On 5/3/13 4:10 PM, Mark Smith wrote: http://trial.pearlcrescent.com/tor/torlauncher/2013-05-03/SetupWizard/wizard-all.png (composite of all of the wizard panels). While i've still not tried running it, i think that's very important to have a "default way" where the user with just "1 click" i

Re: [tor-dev] Iran

On 5/9/13 1:34 AM, Jacob Appelbaum wrote: Maybe OONI ppl can help with that? I have an idea that I think might help. It isn't related to any current pluggable transport. I think we could pump out a transport that would not be easy to block. It would be also be very interesting to be able to p

Re: [tor-dev] Torsocks reengineered

On 6/4/13 2:08 PM, Ian Goldberg wrote: David, Does the current version of torsocks support Optimistic Data? That saves a round trip through the Tor network, and makes things snappier. Tor clients, servers, and recently the Tor Browser now support it. I'd also say that you should consider exte

Re: [tor-dev] [Otter/Cute] What's Cute in APAF

Cool! I'd like to suggest several changes to the implementation strategy for Cute: * Cute should be an "application" and it must not be for any reason a virtual machine that's a nerdy/geeky things. An application has to be distributed trough Mac App Stores, Ubuntu App Stores, Windows App Store

Re: [tor-dev] Design for an exit relay scanner: feedback appreciated

Why don't just use OONI and a single Tor instance to do so? I expect it will take much less and you will be able to leverage existing code and exitsting knowledge within the tor project. Fabio Il 10/9/13 11:44 PM, Philipp Winter ha scritto: > I am working on a Python-based exit relay scanner whi

Re: [tor-dev] REMINDER: Attentive Otter IM meeting in 1h [1430 Pacific]

t; Some of you noticed my cunning test of putting different times in the > subject and the body. The body was right, it's 1430 Pacific! > > See y'all soon! > -Tom > -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logiosherme

Re: [tor-dev] .i2p address support in torsocks

'd love also if someone pickup I2P integration for Tor2web: https://github.com/globaleaks/Tor2web-3.0/issues/82 -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org

Re: [tor-dev] Apple App Store Redux

2] Tor on iOS App Store https://lists.torproject.org/pipermail/tor-dev/2012-March/thread.html#3382 -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Re: [tor-dev] What happened to Tor Router?

ave not seen > or researched the setup yet. > > --SiNA > -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org ___ tor-dev mai

[tor-dev] Does TLS round-trip optimization apply do Tor?

Hi, i've been reading the article "Optimizing NGIX TLS time for first byte" below: http://www.igvita.com/2013/12/16/optimizing-nginx-tls-time-to-first-byte I've been thinking whenever that kind of optimization does apply also to Tor or not? -- Fabio Pietrosanti (naif)

Re: [tor-dev] [draft]: Proposal xxx: Pluggable transport SOCKS5 extensions

in SOCKS protocol related extension proposals also the ones needes by Tor2web described at https://trac.torproject.org/projects/tor/ticket/6031 -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks

Re: [tor-dev] GSoC - Search Engine for Hidden services

e The experimental statistics documented here: https://github.com/globaleaks/Tor2web-3.0/wiki/OpenData Fabio -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org __

[tor-dev] Starting Tor from Python using Ctypes improving Sandboxing?

x the Python application using AppArmor without enabling any kind of execve() call. Does anyone ever tried this? -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org _

[tor-dev] Python Only Tor Client?

Are there projects that foresee to do something like that? - From a Tor Project perspective, does it make sense? - From a Security perspective, are there strong security implications in doing so? -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logios

Re: [tor-dev] Revised Relay Descriptor Fields proposal

pa with express-shipping as an alchoolic incentive to anyone that love to make it real! :-) -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org Il 7/4/14, 10:22 AM, Virgil Griffith ha scri

[tor-dev] Making and distributing custom TBB with a new "home-page"

es. Waiting for comments before writing some quick specs -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - http://globaleaks.org - http://tor2web.org ___ tor-dev mailing list tor-dev@lists.to

Re: [tor-dev] Making and distributing custom TBB with a new "home-page"

nity, as far as i understood. Sounds like the most "apparently obvious" solution for our community, are not so easily applicable in that context of use by speaking with the end-users. -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http:/

Re: [tor-dev] Making and distributing custom TBB with a new "home-page"

the usability improvement. It's possible that those kind of TBB's customization tool will get a small funding, so it's worth to try to think it in a way that can be useful for others. -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital

Re: [tor-dev] Scaling tor for a global population

t available for someone new to Tor to read up on > the scalability challenges? As a basic concept, i don't think that Tor could scale up to huge numbers without making the end-user to became active part of the network routing. -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Di

Re: [tor-dev] Scaling tor for a global population

Il 9/27/14, 2:33 AM, Mike Perry ha scritto: > > We could also handle controlled rollouts to fractions of their userbase > to test the waters, and slowly add high capacity nodes to the network to > support these new users, to ensure we have the people ready to accept > payment for running the server

Re: [tor-dev] Distributing TBB and Tails via Torrents

On 12/10/14 7:53 PM, Chuck Peters wrote: > The torrent files are available through https with a valid certificate. We would love to distribute Tor Browser Bundle via Tor2web, useful for specific use-cases: https://github.com/globaleaks/Tor2web-3.0/issues/168 -- Fabio Pietrosanti (naif) HER

Re: [tor-dev] Internet-wide scanning for bridges

to Tor, et voilà, Tor would acquire important resiliency properties against massive scanning. That's just a concept and approach, it would require a bit more of research, but i'm quite confident that would provide very important benefit compared to the minor performance issues introduced.

Re: [tor-dev] Is it time to drop support for the v1/v2 protos?

On 1/2/15 3:27 PM, Nick Mathewson wrote: > Now, maybe we _should_ drop support for versions before > 0.2.3.17-beta as well. If so, we can rip out even more code. (And > that might be a good idea.) What do people on the list think? The cleaner, the better! Fabio

Re: [tor-dev] oppy - an Onion Proxy in Python

brary (it has been discussed few times, there are some existing architectural issues within Tor and some concern on how it shall be done). -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - h

[tor-dev] Best way to client-side detect Tor user without using check.tpo ?

or by loading an external network resource such as https://check.torproject.org/?TorButton=true because it would destroy the plausible deniability things. There's a right way to detect if a user it's on Tor, from a Browser, without loading an external network resource? -- Fabio Pietrosan

Re: [tor-dev] RFC: Ephemeral Hidden Services via the Control Port

TorHS) and caches (for descriptors/consensus) in the application database Once all of that will be possible, we'll be able to make a 100% clean Tor integration into GlobaLeaks (that's undergoing an architecture refactor to have a master/slave process). -- Fabio Pietrosanti (naif) HERMES -

Re: [tor-dev] RFC: Ephemeral Hidden Services via the Control Port

On 2/16/15 11:22 PM, meejah wrote: > > I guess to put another way: I can't see a use-case to keep the hidden- > service around if the application that added it went away. +1 from globaleaks perspective -naif ___ tor-dev mailing list tor-dev@lists.torpr

Re: [tor-dev] Static compile config and incore runtime [HS via Control Port]

s with "PE Resources" that are "appended" to the end-of file. Tor could support "appending" config files to the end of the Tor binary itself? -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://global

[tor-dev] txtorcon for javascript application (npm)

ler. This email to share this concern, by having a JS/npm packaged txtorcon equivalent software, would unleash the power of JS developers that are conquering the world. And future GlobaLeaks Desktop app will benefit from it, too ;) -- Fabio Pietrosanti (naif) HERMES - Center for Transparency a

Re: [tor-dev] Namecoin .onion to .bit linking

s/Tor2web/issues/66 If someone want to hack on those feature, we'd love to support! :) -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi

Re: [tor-dev] Feature freeze plans for Tor 0.2.7: Please read if you hack Tor!

o be built/compiled with the standard release of Tor (but with some very big-explicit-command-line to activate) ? As it would definitively help in the deployment of Tor2web -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https:/

Re: [tor-dev] Proposal: End-to-end encrypted onion services for non-Tor clients

gt; > Some commercial CA cert providers allow for domain ownership to be > validated by providing a file over HTTP at the domain. A malicious entry > proxy could successfully obtain a CA-signed certificate from one of > these certificate authorities. > > Service o

Re: [tor-dev] How many exits exit from an IP address different than their OR address? (10.7%)

onsensus (IMHO). -- Fabio Pietrosanti (naif) HERMES - Center for Transparency and Digital Human Rights http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.to

[tor-dev] List of Tor Exit IP address: Is this available from Tor Control Port

Hi all, is the list of Tor Exit IP addresses available from Tor Control Port or only from https://check.torproject.org/exit-addresses via TorDNSEL ? -naif ___ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman